Preliminary (partial) support for more CommModes -- This is going to …

…need substantial testing -- II
gcammisa · Feb 13, 2022 · 74f216f · 74f216f
1 parent e9437a6
commit 74f216f
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 10 deletions.
diff --git a/Firmware/Chameleon-Mini/Application/CryptoCMAC.h b/Firmware/Chameleon-Mini/Application/CryptoCMAC.h
@@ -37,7 +37,9 @@ This notice must be retained at the top of all source files where indicated.
 #define CRYPTO_CMAC_RB128          ((uint8_t) 0x87)
 
 bool appendBufferCMAC(uint8_t cryptoType, const uint8_t *keyData, uint8_t *bufferData, uint16_t bufferSize, uint8_t *IV);
+bool checkBufferMAC(uint8_t *bufferData, uint16_t bufferSize, uint16_t checksumSize);
 
 uint16_t appendBufferMAC(const uint8_t *keyData, uint8_t *bufferData, uint16_t bufferSize);
+bool checkBufferCMAC(uint8_t *bufferData, uint16_t bufferSize, uint16_t checksumSize);
 
 #endif
diff --git a/Firmware/Chameleon-Mini/Application/DESFire/DESFireUtils.c b/Firmware/Chameleon-Mini/Application/DESFire/DESFireUtils.c
@@ -152,30 +152,48 @@ uint16_t DesfirePreprocessAPDU(uint8_t CommMode, uint8_t *Buffer, uint16_t Buffe
 	    // Remove the CRCA bytes at the end of the buffer:
 	    return MAX(0, BufferSize - 2);
 	case DESFIRE_COMMS_PLAINTEXT_MAC: {
-	    // TODO: We are not checking the MAC/CMAC bytes for consistency yet ...
 	    uint16_t ChecksumBytes = 0;
             if (DesfireCommandState.CryptoMethodType == CRYPTO_TYPE_DES || DesfireCommandState.CryptoMethodType == CRYPTO_TYPE_2KTDEA) {
                 ChecksumBytes = 4;
+	        if (!checkBufferMAC(Buffer, BufferSize, ChecksumBytes)) {
+		    return 0;
+		}
 	    }
 	    else if (DesfireCommandState.CryptoMethodType == CRYPTO_TYPE_3K3DES) {
 		ChecksumBytes = CRYPTO_3KTDEA_BLOCK_SIZE;
+	        if (!checkBufferCMAC(Buffer, BufferSize, ChecksumBytes)) {
+		    return 0;
+		}
 	    } else {
-		ChecksumBytes = CRYPTO_AES128_BLOCK_SIZE;
+		ChecksumBytes = CRYPTO_AES_BLOCK_SIZE;
+	        if (!checkBufferCMAC(Buffer, BufferSize, ChecksumBytes)) {
+		    return 0;
+		}
 	    }
 	    return MAX(0, BufferSize - ChecksumBytes);
 	}
         case DESFIRE_COMMS_CIPHERTEXT_DES: {
-            // TODO ... 
-	    break;
+	    Decrypt3DESBuffer(BufferSize, Buffer, &Buffer[BufferSize], SessionIV, SessionKey);
+            memmove(&Buffer[0], &Buffer[BufferSize], BufferSize);
+	    uint16_t ChecksumBytes = CRYPTO_3KTDEA_BLOCK_SIZE;
+	    if (!checkBufferCMAC(Buffer, BufferSize, ChecksumBytes)) {
+		    return 0;
+	    }
+	    return MAX(0, BufferSize - ChecksumBytes);
 	}
 	case DESFIRE_COMMS_CIPHERTEXT_AES128: {
-            // TODO ...
-	    break;
+	    CryptoAESDecryptBuffer(BufferSize, Buffer, &Buffer[BufferSize], SessionIV, SessionKey);
+            memmove(&Buffer[0], &Buffer[BufferSize], BufferSize);
+	    uint16_t ChecksumBytes = CRYPTO_AES_BLOCK_SIZE;
+	    if (!checkBufferCMAC(Buffer, BufferSize, ChecksumBytes)) {
+		    return 0;
+	    }
+	    return MAX(0, BufferSize - ChecksumBytes);
 	}
 	default:
 	    break;
     }
-    return BufferSize;
+    return 0;
 }
 
 uint16_t DesfirePostprocessAPDU(uint8_t CommMode, uint8_t *Buffer, uint16_t BufferSize) {
@@ -224,7 +242,7 @@ uint16_t DesfirePostprocessAPDU(uint8_t CommMode, uint8_t *Buffer, uint16_t Buff
 	default:
 	    break;
     }
-    return BufferSize;
+    return 0;
 }
 
 #endif /* CONFIG_MF_DESFIRE_SUPPORT */
diff --git a/Firmware/Chameleon-Mini/Application/MifareDESFire.c b/Firmware/Chameleon-Mini/Application/MifareDESFire.c
@@ -126,7 +126,7 @@ void MifareDesfireAppTask(void) {
 
 uint16_t MifareDesfireProcessCommand(uint8_t *Buffer, uint16_t ByteCount) {
     if (ByteCount == 0) {
-        return ISO14443A_APP_NO_RESPONSE;//
+        return ISO14443A_APP_NO_RESPONSE;
     } else if ((DesfireCmdCLA != DESFIRE_NATIVE_CLA) &&
                (DesfireCmdCLA != DESFIRE_ISO7816_CLA)) {
         return ISO14443A_APP_NO_RESPONSE;
@@ -174,7 +174,9 @@ uint16_t MifareDesfireProcessCommand(uint8_t *Buffer, uint16_t ByteCount) {
 uint16_t MifareDesfireProcess(uint8_t *Buffer, uint16_t BitCount) {
     size_t ByteCount = (BitCount + BITS_PER_BYTE - 1) / BITS_PER_BYTE;
     DesfireCmdCLA = Buffer[0];
-    if ((ByteCount >= 8 && DesfireCLA(Buffer[0]) && Buffer[2] == 0x00 &&
+    if (BitCount == 0) {
+        return ISO14443A_APP_NO_RESPONSE;  
+    } else if ((ByteCount >= 8 && DesfireCLA(Buffer[0]) && Buffer[2] == 0x00 &&
             Buffer[3] == 0x00 && (Buffer[4] == ByteCount - 6 || Buffer[4] == ByteCount - 8)) || Iso7816CLA(DesfireCmdCLA)) {
         // Wrapped native command structure:
         /* Unwrap the PDU from ISO 7816-4 */